<?php $mysqli = new mysqli('localhost', 'root', '', 'frcc_test'); 

// Define $myusername and $mypassword 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 
$cname=$_POST['cname']; 
$name=$_POST['name']; 
$phone=$_POST['phone']; 

// To protect MySQL injection (more detail about MySQL injection)
$uid = stripslashes($myusername);
$pwd = stripslashes($mypassword);
$cname = stripslashes($cname);
$name = stripslashes($name);
$phone = stripslashes($phone);

/* prepare insert statement */
$mysqli->query("SET NAMES 'utf8'");
    $sql = "INSERT directory (uid,pwd,cname,name,phone) VALUES (?, ?, ?, ?, ?)";
 
    if ($stmt = $mysqli->prepare($sql)) 
    {
        $stmt->bind_param("sssss", $uid, $pwd, $cname, $name, $phone);
        $stmt->execute();
 
        //echo "Number of user records inserted: " . $stmt->affected_rows;
         //echo "cname : " . $cname;
        // clean up your mess!
        $stmt->close();
    }
    else
    {
        die("Could not prepare SQL statement: $sql");
    }
 
    $mysqli->close();
header("location:showmember.php");
?>